Hey everyone!
Here are ourmeetinglogs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-04-13-15.58.log.html
And ourmeetingpad: Anti-censorship workmeetingpad
···
- THIS IS A PUBLIC PAD
Anti-censorship
Next meeting: Thursday, April 13 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
-
Our anti-censorship roadmap:
-
Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
-
The anti-censorship team’s wiki page:
-
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
-
Past meeting notes can be found at:
-
Tickets that need reviews: from sponsors, we are working on:
-
All needs review tickets:
-
Sponsor 96
-
Sponsor 139 ← hackerncoder, irl, joydeep, meskio, emmapeel working on it
== Announcements ==
== Discussion ==
-
Update on Analysis of speed deficiency of Snowflake in China, 2023 Q1 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2883879
-
after a lot of research the proposed solution is to enable datagram transport on webrtc to deal with the packet loss situation
-
that will convert webrtc into an unreliable channel, and snowflake will add reliablity with kcp
-
(NO update from shell @ Apr 13)
== Actions ==
== Interesting links ==
== Reading group ==
-
We will discuss “Lox: Protecting the Social Graph in Bridge Distribution” on 2023 May 18
-
Questions to ask and goals to have:
-
What aspects of the paper are questionable?
-
Are there immediate actions we can take based on this work?
-
Are there long-term actions we can take based on this work?
-
Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
-
What you worked on this week.
Next week: -
What you are planning to work on next week.
Help with: -
- Something you need help with.
cecylia (cohosh): last updated 2023-04-13
Last week:
- released a new version of snowflake-webext (0.7.2)
- added CI and renovate bot to Conjure
- debugged wireguard setup and confirmed it works
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/15
- fixed a bug where SOCKS handles were being leaked in Conjure
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/27
- Added a content security policy to webextension
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/80
- Opened an upstream issue in gotapdance to restore functionality lost in a version upgrade
-
https://github.com/refraction-networking/gotapdance/issues/113
This week: - Lox tor browser integration
- conjure maintenance
Needs help with:
dcf: 2023-04-13
-
Last week:
-
- posted performance measurements of a QueuePacketConn optimization and merged it https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/145#note_2894729
-
- made a graph of snowflake proxy NAT types over time, which highlights the times when probetest was failing and there was an increase in “unknown” NAT types https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40071#note_2895077
-
- archived snowflake-webextension-0.7.2 https://archive.org/details/snowflake-webextension-0.7.2
-
Next week:
-
- migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823122 (for real)
-
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
-
- open issue to disable /debug endpoint on snowflake broker
-
Help with:
meskio: 2023-04-13
Last week:
-
- configure rdsys to distribute webtunnel bridges (rdsys#142)
-
- set up a webtunnel bridge to test
-
- review and merge a bunch of renovate MRs in rdsys
-
- brainstorm on pinning TLS certs in Tor Browser for bridges.torproject.org (tpa/team#41123)
-
- review bridgestrap aggressive retry for dysfunctional bridges (bridgestrap!16)
-
- review snowflake webextension CSP (webext!66)
-
- sponsor 96 report
-
- grant application work…
Next week:
-
- distribute webtunnel bridges in BridgeDB
Shelikhoo: 2023-04-13
Last Week:
-
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
-
- [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1
-
- [Merge Request] container image for webtunnel (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/merge_requests/7)
-
- [Research] Fix crash on launch when unexpected input was supplyed over PT protocol https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/issues/19
-
- Write S96 report
-
- Comment on S96 User Research Risk Assessment
Next Week:
-
- [Research] WebTunnel planning (Continue)
-
- Try to find a place to host another vantage point
-
- container image for webtunnel
-
- consider propagating 2FA everywhere, maybe, at the April Tor Meeting (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083#note_2884138)
-
- logcollector al
tert system
- logcollector al
-
- webtunnel document for proxy operator
onyinyang: 2023-04-13
Last week:
- worked on handling
gone resources
in a more appropriate way for Lox as outlined here: https://gitlab.torproject.org/tpo/anti-censorship/lox/lox-overview/-/issues/7#note_2894231 - implemented a more aggressive testing schedule for failing bridgestrap resources https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/merge_requests/16
- discovered that failed/low bandwidth resources are quietly marked to not be distributed and so don’t show up as
gone
- discussed implementing metrics to check how frequently badwidth ratio causes resources to “flicker” tracked here: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/160
This week: - work on implementing metrics to check on flickering resources
- work on marking as
gone
, failing/low-bandwidth resources that are no longer distributed
-If time (and functionality above is in place):
-
- If a bridge is
gone
due to bandwidth issues or descriptors not being published, replace them with working bridges in Lox–this will have implications for syncing with rdsys but first things first
- If a bridge is
-
(long term)
-
- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice.
-
Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we’re getting the most appropriate resources to people?
-
- Are there some obvious grouping strategies that we can already consider?
-
e.g., by pt, by bandwidth (lower bandwidth bridges sacrified to open-invitation buckets?), by locale (to be matched with a requesting user’s geoip or something?)
-
- Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
Itchy Onion: 2023-04-13
Last week:
-
- Vacation
This week:
-
Experimenting with additional SDP tests after discussion on MR #141 (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/141#note_2890035)
-
Learning about rdsys
-
Started working on #110 (treat unknown bridge distribution request as “none”)
hackerncoder: 2023-03-09
last week:
Next week:
- getting ooni-exporter to work with torsf (snowflake)
- ooni-exporter web_connectivity
- work on “bridgetester”?
- how does Iran block bridges